Managed Sentinel – Alert 018
| Alert ID | MS-A018 | 
| Alert Name | MCAS Malware Detected | 
| Description | Detect files containing malware in your cloud environments by utilizing Cloud App Security’s integration with Microsoft’s Threat Intelligence engine. |
| Severity Level | Medium | 
| Threat Indicator | Malicious activity | 
| MITRE ATT&CK Tactics | Exfiltration, Command and Control |
| Log sources | Microsoft Cloud App Security | 
| Recommendations | 1. Review the suspicious activity identified via the Microsoft Cloud App Security portal. 2. Contact the owner of the detected malicious file and notify him/her about the situation. 3. Clean up the malicious file from the cloud repository. 4. Look for additional indicators of compromise related to the user or the system identified in the alert. |
